Well, you can kinda, but only by dropping packets the sender sends you, then getting the sender to resend them, very messy. (Since a receiver has no control over the speed material is sent to you by another system).
It is possible to implement without massive packet loss, by using TCP window sizing or TCP window manipulation.
What makes me ask is that astaro have a space for download bandwidth in the interface properties, and I can't think why they would if they didnt support inbound QOS.
THe limitation is, that you can not prioritze diferent packets, but you can specify a certain incoming bandwidth which the firewall shapes the traffic to.
Per definition QoS or Traffic shaping means to determain different traffic and services and handle the differently. this means mainly mainly two things: 1) Shape Traffic 2) Prioritize Packets
In order to achieve this, you need different classes/bands that gets handled differently. In ASL V5 we use for the outgoing Traffic three classes, HIGH, MEDIUM and LOW.
Per default all packets get sorted into the MEDIUM class, except of small TCP ACK packets, ICMP messages, and Packets with certain TOS values set, which get automatically added to the HIGH class. You also can manually sort packets into the different classes using ACCEPT (high prio) and ACCEPT (low prio) in the packet filter ruieset.
The Linux Kernel offeres different schedulers that take care of reordering, sending and dropping the packets to reflect the wanted behavior.
ASL V5 uses Hierarchical Token Bucket (HTB) if you enabled QoS on the Interface to shape traffic and the pfifo_fast scheduler which is automatically added to every interface, if not.
So far so good, the linux kernel offers only one incomming class where all packets get sorted into. You can apply a maximum bandwidth on this class, but this applies on all traffic. Many people would think, that this shaping does not make sense, because the packet is there already, so why should you drop it?
let me try to outline a scenario. You have a DSL connection hand you have several services that use the same bandwidth. If you now start a download from a very fast server on the internet, this server will send its packets as fast as he can. But this causes your other packets to wait at the provider side of your internet connection, because the server sends that many packets. they only way to prevent this is to somehow tell the server to slow down its sending rate. This can be done dropping several of the packets from the server. This will cause the server to slow down the rate and the packet size in which he is sending the download. The incoming traffic does not only get handled by the bandwith, but also by the rate on which packets occure. Now if a certain connection sends to many packets, the incoming QoS will slow them down, in order to get an ordered way of receiving packets.
So, is this basically what I said ? The ASL drops some of the packets coming in on the fast connection in order to slow that sender down ? This is determined by ASL and the amount of bandwidth you set in QoS setup correct ?
